One sulutions is to allow < > & etc.. from the user input. Just escape it into html escaped format. CGI.pm provides a function for this. <BLOCKQUOTE><font size="1" face="Arial,Helvetica,sans serif">code:</font><HR>

use CGI; $q = new CGI;

# Get escapted user input from a # form field named formfield $input = $q->escapeHTML($q->param('formfield')); </pre><HR></BLOCKQUOTE>

There is a class of HTML:: modules out there specifically for parsing HTML correctly, but I'm not too familiar with it.

I've been practicing writing regular expressions to parse complex strings, and I do believe I've come up with a regular expression to match regular HTML tags. I'm still working on matching comment tags, DTD tags, and SSI tags.

This regex will match fake HTML tags, too, like <AAA href="...">, and I'm still trying to find the W3C RFC on the format in which HTML tag names -- both built-in and user specified -- can be in. This regex only allows for tag names of letters, numbers, and underscores. The attribute matching part allows for hyphens.